<?php

require_once('../include/GeneralTop.php');
require('../include/class/db.php');
require('../include/class/pagination.php');

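// Gate the whole page: $content_admin is set by the included bootstrap (GeneralTop.php).
if (!$content_admin) {
	die('<div style="text-align:center">Permission denied...</div>');
}

$db = new db;

// Delete handler, triggered by ?action=del&PAId=<id>.
// NOTE(review): this is a state-changing GET request with no anti-CSRF token
// visible on this page; consider moving it to POST with a per-session token.
$del_action = isset($_GET['action']) ? $_GET['action'] : '';
$del_raw_id = isset($_GET['PAId']) ? $_GET['PAId'] : '';

// Accept only a plain run of digits. Arrays and mixed strings such as "12abc" are
// ignored, so the ownership lookup and the DELETE always act on the same integer.
if ($del_action == 'del' && is_string($del_raw_id) && ctype_digit($del_raw_id)) {
	$pet_id = (int)$del_raw_id;

	// Paid members may only delete records they added themselves.
	if (MEMBER_PAID === (int)$_SESSION['MM_UserGroup']) {
		// The id is a validated integer; the raw request value is never spliced into SQL.
		$check_sql = "select add_user from pet_info where PAId=".$pet_id;
		$check_sql_query = $db->query($check_sql);
		$check_sql_row = $db->fetch($check_sql_query);
		// A missing record is treated the same as a record owned by someone else.
		if (!$check_sql_row || (int)$check_sql_row['add_user'] !== (int)$_SESSION['MM_Username_id']) {
			die('<div style="text-align:center">You have no permission to delete this pet...</div>');
		}
	}

	$deleteSQL = sprintf("DELETE FROM pet_info WHERE PAId=%d", $pet_id);

	$db->query($deleteSQL);
}

include('AdminPanel.php');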

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<table width="70%" border="0" align="center" cellpadding="5" cellspacing="0" class="table_border_grey" style="margin-top:10px;">
  <tr>
    <td colspan="10">
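	  <?php /* PHP_SELF is derived from the request URL, so it is HTML-escaped before being placed in the attribute. */ ?>
	  <form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" method="GET">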
	  宠物搜索(输入宠物名或者编号都可)： <input type="text" name="kw" size="20">
	  <input type="submit" name="submit" id="submit" value=" 按宠物名或编号搜索 ">
	  </form>
	</td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    <td>照片</td>
    <td>宠物名</td>
    <td>编号</td>
    <td>种类</td>
    <td>品种</td>
    <td>性别</td>
    <td>是否已领养</td>    
    <td>性格描述</td>
  </tr>
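  <?php
	// Builds the pet list query (optionally filtered by a search keyword), paginates it,
	// and renders one table row per record.

	// Paid members only see the pets they added. The id is cast to int because it is
	// concatenated into the SQL text.
	if (MEMBER_PAID === (int)$_SESSION['MM_UserGroup']) {
		$where = " and add_user=".(int)$_SESSION['MM_Username_id']." ";
	}
	else {
		$where = "";
	}

	// Search keyword from the query string; anything that is not a plain string is ignored.
	$search_kw = (isset($_GET['kw']) && is_string($_GET['kw'])) ? $_GET['kw'] : '';

	if (isset($_GET['submit']) && $search_kw != '') {
		// The keyword is untrusted, so it is escaped and quoted by the same helper this page
		// already uses for the delete query instead of being concatenated raw.
		// NOTE(review): assumes GetSQLValueString() implements the "text" type (escaped,
		// single-quoted string) as the stock helper does - confirm against its definition.
		// '%' and '_' typed by the user still act as LIKE wildcards.
		$kw_like  = GetSQLValueString('%'.$search_kw.'%', "text");
		$kw_exact = GetSQLValueString($search_kw, "text");
		$sql = "SELECT *, SUBSTRING(Pet_otherinfo,1,55) AS intro FROM pet_info where 1 and (PAPetName like ".$kw_like." or guid=".$kw_exact.") ".$where." ORDER BY PAId DESC";
	}
	else {
		$sql = "SELECT *, SUBSTRING(Pet_otherinfo,1,55) AS intro FROM pet_info where 1 ".$where." ORDER BY PAId DESC";
	}
	$res = $db->query($sql);
	$num = $db->num($res);
	if ($num > 0) {
		// Avoid an undefined-index notice when no page parameter is sent.
		$page = isset($_GET['page']) ? $_GET['page'] : null;
		$pagination = new Pagination($num, PAGICATION_RECORD_COUNT_NEWS, $page, PAGINATION_DELTA);
		// The LIMIT operands are forced to integers here, whatever Pagination derived from
		// the request's page value.
		$sql = $sql." limit ".(int)$pagination->begin.",".(int)$pagination->end;
		$res = $db->query($sql);

		// Database values are HTML-escaped on output. ENT_SUBSTITUTE keeps a value visible
		// even if the 55-character intro was cut in the middle of a multi-byte character.
		// NOTE(review): if any of these columns is meant to hold HTML markup, it will now be
		// shown as text - confirm that is intended.
		$esc_flags = ENT_QUOTES | ENT_SUBSTITUTE;

		while ($row = $db->fetch($res)) {
			$row_id = (int)$row['PAId'];
			// The delete link below is a query-only relative URL, so no request-derived path
			// (PHP_SELF) is placed inside the inline script.
			// NOTE(review): deletion is still a plain GET navigation; see the delete handler.
    ?>
    <tr>
      <td>
        <label>
          <input type="button" name="button" id="button" value="Delete" onclick="if(confirm('Are you sure to delete this?')){window.location.href='?action=del&amp;PAId=<?php echo $row_id; ?>'}"/>
        </label>
      </td>
      <td>
        <a href="EditPetInfo.php?PAId=<?php echo $row_id; ?>">Edit...</a>
      </td>
      <td><a href="ShowDetailPetInfo.php?recordID=<?php echo $row_id; ?>"><img src="<?php echo htmlspecialchars(IMAGES_PET_FOLDER.$row['PPhoto_main_thumb'], $esc_flags, 'UTF-8'); ?>" border="0" class="img_border"></a></td>
      <td><a href="ShowDetailPetInfo.php?recordID=<?php echo $row_id; ?>"><?php echo htmlspecialchars($row['PAPetName'], $esc_flags, 'UTF-8'); ?></a>&nbsp; </td>
      <td><?php echo htmlspecialchars($row['guid'], $esc_flags, 'UTF-8'); ?>&nbsp; </td>
      <td><?php echo getPetType($row['PType']); ?>&nbsp; </td>
      <td><?php echo htmlspecialchars($row['PVariety'], $esc_flags, 'UTF-8'); ?>&nbsp; </td>
      <td><?php echo getGender($row['PGender']); ?>&nbsp; </td>
      <td><?php echo getIsAdopt($row['PIsAdopt']); ?>&nbsp; </td>
      <td><?php echo htmlspecialchars($row['intro'], $esc_flags, 'UTF-8'); ?>...&nbsp; </td>
    </tr>
    <?php
		}
	}
	?>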
	<tr>
    <td colspan="10">
	    <?php
		// Emit the pager markup only when the row count exceeds PAGICATION_RECORD_COUNT_NEWS.
		// NOTE(review): paginationString is printed unescaped as HTML built by the Pagination
		// class - confirm that class escapes any request-derived values it embeds.
		if ($num > PAGICATION_RECORD_COUNT_NEWS):
			print $pagination->paginationString;
		endif;
		?>
	</td>
  </tr>
</table>
<br />
</body>
</html>